[unisog] IIS vulernerability scanner tool

Russell Fulton r.fulton at auckland.ac.nz
Tue Jul 31 01:48:55 GMT 2001


I am having my second go at looking for machines that are vulnerable to 
attack via MS index services using the script as modified by Anne Bennet
(first time we used another tool). It turned up two unpatched systems 
and a few 'POSSIBLY UNPATCHED' all of which are returning:

RESULT 130.216.7.41: Possibly UNPATCHED IIS 4.0
DETAIL 130.216.7.41: : HTTP/1.1 404 Object Not Found  Server: 
Microsoft-IIS/4....

I am guessing that this is caused by removal of the mappings for .ida, 
which I have been advising people to do.  In anycase it would appear 
that such machine are not vulnerable to attack via .ida or .idq 
mappings.

Anyone have any other ideas?

Cheers, Russell.

Russell Fulton, Computer and Network Security Officer
The University of Auckland,  New Zealand




More information about the unisog mailing list